From 356e5351ae19bab1768a731bbe9f760ef6564c3e Mon Sep 17 00:00:00 2001 From: Chris Stockton Date: Fri, 11 Oct 2024 05:14:52 -0700 Subject: [PATCH] fix: remove comments from middleware test --- internal/api/middleware_test.go | 182 -------------------------------- 1 file changed, 182 deletions(-) diff --git a/internal/api/middleware_test.go b/internal/api/middleware_test.go index 1b125dd5c..af1ea777e 100644 --- a/internal/api/middleware_test.go +++ b/internal/api/middleware_test.go @@ -185,56 +185,6 @@ func (ts *MiddlewareTestSuite) TestVerifyCaptchaInvalid() { } } -/* - -func (ts *MiddlewareTestSuite) TestLimitEmailOrPhoneSentHandler() { - // Set up rate limit config for this test - ts.Config.RateLimitEmailSent = 5 - ts.Config.RateLimitSmsSent = 5 - ts.Config.External.Phone.Enabled = true - - cases := []struct { - desc string - expectedErrorMsg string - requestBody map[string]interface{} - }{ - { - desc: "Email rate limit exceeded", - expectedErrorMsg: "429: Email rate limit exceeded", - requestBody: map[string]interface{}{ - "email": "test@example.com", - }, - }, - { - desc: "SMS rate limit exceeded", - expectedErrorMsg: "429: SMS rate limit exceeded", - requestBody: map[string]interface{}{ - "phone": "+1233456789", - }, - }, - } - - limiter := ts.API.limitEmailOrPhoneSentHandler(NewLimiterOptions(ts.Config)) - for _, c := range cases { - ts.Run(c.desc, func() { - var buffer bytes.Buffer - require.NoError(ts.T(), json.NewEncoder(&buffer).Encode(c.requestBody)) - req := httptest.NewRequest(http.MethodPost, "http://localhost", &buffer) - req.Header.Set("Content-Type", "application/json") - w := httptest.NewRecorder() - - ctx, err := limiter(w, req) - require.NoError(ts.T(), err) - - // check that shared limiter is set in the request context - sharedLimiter := getLimiter(ctx) - require.NotNil(ts.T(), sharedLimiter) - }) - } -} - -*/ - func (ts *MiddlewareTestSuite) TestIsValidExternalHost() { cases := []struct { desc string @@ -392,138 +342,6 @@ func (ts *MiddlewareTestSuite) TestLimitHandler() { require.Equal(ts.T(), http.StatusTooManyRequests, w.Code) } -/* - -func (ts *MiddlewareTestSuite) TestLimitHandlerWithSharedLimiter() { - // setup config for shared limiter and ip-based limiter to work - ts.Config.RateLimitHeader = "X-Rate-Limit" - ts.Config.External.Email.Enabled = true - ts.Config.External.Phone.Enabled = true - ts.Config.Mailer.Autoconfirm = false - ts.Config.Sms.Autoconfirm = false - - ipBasedLimiter := func(max float64) *limiter.Limiter { - return tollbooth.NewLimiter(max, &limiter.ExpirableOptions{ - DefaultExpirationTTL: time.Hour, - }) - } - - okHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - limiter := getLimiter(r.Context()) - if limiter != nil { - var requestBody struct { - Email string `json:"email"` - Phone string `json:"phone"` - } - err := retrieveRequestParams(r, &requestBody) - require.NoError(ts.T(), err) - - if requestBody.Email != "" { - if err := tollbooth.LimitByKeys(limiter.EmailLimiter, []string{"email_functions"}); err != nil { - sendJSON(w, http.StatusTooManyRequests, HTTPError{ - HTTPStatus: http.StatusTooManyRequests, - ErrorCode: ErrorCodeOverEmailSendRateLimit, - Message: "Email rate limit exceeded", - }) - } - } - if requestBody.Phone != "" { - if err := tollbooth.LimitByKeys(limiter.EmailLimiter, []string{"phone_functions"}); err != nil { - sendJSON(w, http.StatusTooManyRequests, HTTPError{ - HTTPStatus: http.StatusTooManyRequests, - ErrorCode: ErrorCodeOverSMSSendRateLimit, - Message: "SMS rate limit exceeded", - }) - } - } - } - w.WriteHeader(http.StatusOK) - }) - - cases := []struct { - desc string - sharedLimiterConfig *conf.GlobalConfiguration - ipBasedLimiterConfig float64 - body map[string]interface{} - expectedErrorCode string - }{ - { - desc: "Exceed ip-based rate limit before shared limiter", - sharedLimiterConfig: &conf.GlobalConfiguration{ - RateLimitEmailSent: 10, - RateLimitSmsSent: 10, - }, - ipBasedLimiterConfig: 1, - body: map[string]interface{}{ - "email": "foo@example.com", - }, - expectedErrorCode: ErrorCodeOverRequestRateLimit, - }, - { - desc: "Exceed email shared limiter", - sharedLimiterConfig: &conf.GlobalConfiguration{ - RateLimitEmailSent: 1, - RateLimitSmsSent: 1, - }, - ipBasedLimiterConfig: 10, - body: map[string]interface{}{ - "email": "foo@example.com", - }, - expectedErrorCode: ErrorCodeOverEmailSendRateLimit, - }, - { - desc: "Exceed sms shared limiter", - sharedLimiterConfig: &conf.GlobalConfiguration{ - RateLimitEmailSent: 1, - RateLimitSmsSent: 1, - }, - ipBasedLimiterConfig: 10, - body: map[string]interface{}{ - "phone": "123456789", - }, - expectedErrorCode: ErrorCodeOverSMSSendRateLimit, - }, - } - - for _, c := range cases { - ts.Run(c.desc, func() { - ts.Config.RateLimitEmailSent = c.sharedLimiterConfig.RateLimitEmailSent - ts.Config.RateLimitSmsSent = c.sharedLimiterConfig.RateLimitSmsSent - lmt := ts.API.limitHandler(ipBasedLimiter(c.ipBasedLimiterConfig)) - sharedLimiter := ts.API.limitEmailOrPhoneSentHandler(NewLimiterOptions(ts.Config)) - - // get the minimum amount to reach the threshold just before the rate limit is exceeded - threshold := min(c.sharedLimiterConfig.RateLimitEmailSent, c.sharedLimiterConfig.RateLimitSmsSent, c.ipBasedLimiterConfig) - for i := 0; i < int(threshold); i++ { - var buffer bytes.Buffer - require.NoError(ts.T(), json.NewEncoder(&buffer).Encode(c.body)) - req := httptest.NewRequest(http.MethodPost, "http://localhost", &buffer) - req.Header.Add(ts.Config.RateLimitHeader, "0.0.0.0") - - w := httptest.NewRecorder() - lmt.handler(sharedLimiter.handler(okHandler)).ServeHTTP(w, req) - require.Equal(ts.T(), http.StatusOK, w.Code) - } - - var buffer bytes.Buffer - require.NoError(ts.T(), json.NewEncoder(&buffer).Encode(c.body)) - req := httptest.NewRequest(http.MethodPost, "http://localhost", &buffer) - req.Header.Add(ts.Config.RateLimitHeader, "0.0.0.0") - - // check if the rate limit is exceeded with the expected error code - w := httptest.NewRecorder() - lmt.handler(sharedLimiter.handler(okHandler)).ServeHTTP(w, req) - require.Equal(ts.T(), http.StatusTooManyRequests, w.Code) - - var data map[string]interface{} - require.NoError(ts.T(), json.NewDecoder(w.Body).Decode(&data)) - require.Equal(ts.T(), c.expectedErrorCode, data["error_code"]) - }) - } -} - -*/ - func (ts *MiddlewareTestSuite) TestIsValidAuthorizedEmail() { ts.API.config.External.Email.AuthorizedAddresses = []string{"valid@example.com"}