tools/main_test.go

package main

import (
	"bytes"
	"crypto/x509/pkix"
	"encoding/base64"
	"encoding/json"
	"net/http"
	"net/http/httptest"
	"strings"
	"testing"
)

func TestIndexRoute(t *testing.T) {
	router := newRouter()
	recorder := httptest.NewRecorder()
	request := httptest.NewRequest(http.MethodGet, "/", nil)

	router.ServeHTTP(recorder, request)

	if recorder.Code != http.StatusOK {
		t.Fatalf("expected 200, got %d", recorder.Code)
	}
}

func TestTLSGenerateRoute(t *testing.T) {
	router := newRouter()
	recorder := httptest.NewRecorder()

	payload, err := json.Marshal(map[string]any{
		"commonName":         "example.local",
		"organization":       "Example Corp",
		"organizationalUnit": "Engineering",
		"locality":           "Charlotte Amalie",
		"state":              "St Thomas",
		"country":            "VI",
		"dnsNames":           "example.local,www.example.local",
		"validDays":          30,
		"keySize":            3072,
	})
	if err != nil {
		t.Fatalf("marshal payload: %v", err)
	}

	request := httptest.NewRequest(http.MethodPost, "/api/tls/generate", bytes.NewReader(payload))
	request.Header.Set("Content-Type", "application/json")

	router.ServeHTTP(recorder, request)

	if recorder.Code != http.StatusOK {
		t.Fatalf("expected 200, got %d: %s", recorder.Code, recorder.Body.String())
	}

	var response map[string]any
	if err := json.Unmarshal(recorder.Body.Bytes(), &response); err != nil {
		t.Fatalf("unmarshal response: %v", err)
	}

	for _, key := range []string{"certificatePem", "privateKeyPem", "publicKeyPem", "csrPem"} {
		value, _ := response[key].(string)
		if !strings.Contains(value, "BEGIN") {
			t.Fatalf("expected %s to contain PEM data", key)
		}
	}

	zipBase64, _ := response["zipBase64"].(string)
	zipFilename, _ := response["zipFilename"].(string)
	if zipFilename == "" {
		t.Fatal("expected zipFilename to be present")
	}
	zipBytes, err := base64.StdEncoding.DecodeString(zipBase64)
	if err != nil {
		t.Fatalf("decode zipBase64: %v", err)
	}
	if len(zipBytes) == 0 {
		t.Fatal("expected zip archive bytes")
	}

	if keySize, ok := response["keySize"].(float64); !ok || keySize != 3072 {
		t.Fatalf("expected keySize 3072, got %#v", response["keySize"])
	}
}

func TestSSLCheckRejectsEmptyURL(t *testing.T) {
	router := newRouter()
	recorder := httptest.NewRecorder()

	payload, err := json.Marshal(map[string]any{
		"url": "",
	})
	if err != nil {
		t.Fatalf("marshal payload: %v", err)
	}

	request := httptest.NewRequest(http.MethodPost, "/api/ssl/check", bytes.NewReader(payload))
	request.Header.Set("Content-Type", "application/json")

	router.ServeHTTP(recorder, request)

	if recorder.Code != http.StatusBadRequest {
		t.Fatalf("expected 400, got %d: %s", recorder.Code, recorder.Body.String())
	}
}

func TestPEMCheckRoute(t *testing.T) {
	router := newRouter()
	recorder := httptest.NewRecorder()

	subject := pkix.Name{
		CommonName:         "example.local",
		Organization:       []string{"Example Corp"},
		OrganizationalUnit: []string{"Engineering"},
	}

	certPEM, keyPEM, _, csrPEM, _, err := generateCertificate(subject, []string{"example.local"}, 30, 2048)
	if err != nil {
		t.Fatalf("generate certificate: %v", err)
	}

	payload, err := json.Marshal(map[string]any{
		"pem": string(certPEM) + "\n" + string(csrPEM) + "\n" + string(keyPEM),
	})
	if err != nil {
		t.Fatalf("marshal payload: %v", err)
	}

	request := httptest.NewRequest(http.MethodPost, "/api/pem/check", bytes.NewReader(payload))
	request.Header.Set("Content-Type", "application/json")

	router.ServeHTTP(recorder, request)

	if recorder.Code != http.StatusOK {
		t.Fatalf("expected 200, got %d: %s", recorder.Code, recorder.Body.String())
	}

	var response map[string]any
	if err := json.Unmarshal(recorder.Body.Bytes(), &response); err != nil {
		t.Fatalf("unmarshal response: %v", err)
	}

	if count, ok := response["count"].(float64); !ok || count != 3 {
		t.Fatalf("expected 3 blocks, got %#v", response["count"])
	}
}