feat: initialize managed portal

internal/webdevice/proxy_test.go

@@ -0,0 +1,93 @@
+package webdevice
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"net/url"
+	"strings"
+	"testing"
+)
+
+func TestRewriteLocation(t *testing.T) {
+	t.Parallel()
+
+	targetURL, _ := url.Parse("http://192.168.1.124:80")
+	got := RewriteLocation("192.168.1.124", targetURL, "http://192.168.1.124/ISAPI/Security")
+	if got != "/proxy/web/192.168.1.124/ISAPI/Security" {
+		t.Fatalf("RewriteLocation() = %q", got)
+	}
+}
+
+func TestRewriteSetCookie(t *testing.T) {
+	t.Parallel()
+
+	got := RewriteSetCookie("SID=1; Path=/; Domain=192.168.1.124; HttpOnly", "/proxy/web/192.168.1.124")
+	if strings.Contains(strings.ToLower(got), "domain=") {
+		t.Fatalf("RewriteSetCookie() kept domain: %q", got)
+	}
+	if !strings.Contains(got, "Path=/proxy/web/192.168.1.124/") {
+		t.Fatalf("RewriteSetCookie() path = %q", got)
+	}
+}
+
+func TestRewriteText(t *testing.T) {
+	t.Parallel()
+
+	targetURL, _ := url.Parse("http://192.168.1.124:80")
+	body := `<html><head></head><body><img src="/doc/logo.png"><a href="http://192.168.1.124/ISAPI/x">x</a></body></html>`
+	got := RewriteText(body, "/proxy/web/192.168.1.124", targetURL, "text/html")
+
+	if !strings.Contains(got, `/proxy/web/192.168.1.124/doc/logo.png`) {
+		t.Fatalf("rewritten body missing proxied relative URL: %s", got)
+	}
+	if !strings.Contains(got, `data-web-proxy-runtime`) {
+		t.Fatalf("rewritten body missing runtime injection: %s", got)
+	}
+}
+
+func TestProxyHTTPRejectsUnscannedIP(t *testing.T) {
+	t.Parallel()
+
+	svc := NewService()
+	req := httptest.NewRequest(http.MethodGet, "http://portal/proxy/web/192.168.1.124/", nil)
+	rec := httptest.NewRecorder()
+
+	err := svc.ProxyHTTP(rec, req, "192.168.1.124", "/")
+	if err != ErrTargetNotAllowed {
+		t.Fatalf("ProxyHTTP() error = %v, want ErrTargetNotAllowed", err)
+	}
+}
+
+func TestProxyHTTPServesAllowedTarget(t *testing.T) {
+	t.Parallel()
+
+	upstream := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Location", "http://192.168.1.124/ISAPI/test")
+		w.Header().Add("Set-Cookie", "SID=1; Path=/")
+		w.Header().Set("Content-Type", "text/html")
+		_, _ = w.Write([]byte(`<html><head></head><body><img src="/doc/logo.png"></body></html>`))
+	}))
+	defer upstream.Close()
+
+	svc := NewService()
+	svc.allowIP("192.168.1.124")
+	svc.proxyTarget = func(ip string) string {
+		return upstream.URL
+	}
+
+	req := httptest.NewRequest(http.MethodGet, "http://portal/proxy/web/192.168.1.124/", nil)
+	rec := httptest.NewRecorder()
+
+	if err := svc.ProxyHTTP(rec, req, "192.168.1.124", "/"); err != nil {
+		t.Fatalf("ProxyHTTP() error = %v", err)
+	}
+	if rec.Code != http.StatusOK {
+		t.Fatalf("status = %d body = %s", rec.Code, rec.Body.String())
+	}
+	if got := rec.Header().Get("Location"); got != "http://192.168.1.124/ISAPI/test" {
+		t.Fatalf("Location = %q", got)
+	}
+	if !strings.Contains(rec.Body.String(), "/proxy/web/192.168.1.124/doc/logo.png") {
+		t.Fatalf("body = %s", rec.Body.String())
+	}
+}