prosody
26a004c96ef8
spec/util_http_spec.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

File

spec/util_http_spec.lua @ 12694:26a004c96ef8

util.paseto: Implementation of PASETO v4.public tokens PASETO provides an alternative to JWT with the promise of fewer implementation pitfalls. The v4.public algorithm allows asymmetric cryptographically-verified token issuance and validation. In summary, such tokens can be issued by one party and securely verified by any other party independently using the public key of the issuer. This has a number of potential applications in a decentralized network and ecosystem such as XMPP. For example, such tokens could be combined with XEP-0317 to allow hats to be verified even in the context of a third-party MUC service.
author Matthew Wild <mwild1@gmail.com>
date Fri, 24 Jun 2022 17:03:28 +0100
parent 10711:d2e4584ba7b3
child 13124:f15e23840780
line wrap: on
line source


local http = require "util.http";

describe("util.http", function()
	describe("#urlencode()", function()
		it("should not change normal characters", function()
			assert.are.equal(http.urlencode("helloworld123"), "helloworld123");
		end);

		it("should escape spaces", function()
			assert.are.equal(http.urlencode("hello world"), "hello%20world");
		end);

		it("should escape important URL characters", function()
			assert.are.equal(http.urlencode("This & that = something"), "This%20%26%20that%20%3d%20something");
		end);
	end);

	describe("#urldecode()", function()
		it("should not change normal characters", function()
			assert.are.equal("helloworld123", http.urldecode("helloworld123"), "Normal characters not escaped");
		end);

		it("should decode spaces", function()
			assert.are.equal("hello world", http.urldecode("hello%20world"), "Spaces escaped");
		end);

		it("should decode important URL characters", function()
			assert.are.equal("This & that = something", http.urldecode("This%20%26%20that%20%3d%20something"), "Important URL chars escaped");
		end);

		it("should decode both lower and uppercase", function ()
			assert.are.equal("This & that = {something}.", http.urldecode("This%20%26%20that%20%3D%20%7Bsomething%7D%2E"), "Important URL chars escaped");
		end);

	end);

	describe("#formencode()", function()
		it("should encode basic data", function()
			assert.are.equal(http.formencode({ { name = "one", value = "1"}, { name = "two", value = "2" } }), "one=1&two=2", "Form encoded");
		end);

		it("should encode special characters with escaping", function()
			assert.are.equal(http.formencode({ { name = "one two", value = "1"}, { name = "two one&", value = "2" } }), "one+two=1&two+one%26=2", "Form encoded");
		end);
	end);

	describe("#formdecode()", function()
		it("should decode basic data", function()
			local t = http.formdecode("one=1&two=2");
			assert.are.same(t, {
				{ name = "one", value = "1" };
				{ name = "two", value = "2" };
				one = "1";
				two = "2";
			});
		end);

		it("should decode special characters", function()
			local t = http.formdecode("one+two=1&two+one%26=2");
			assert.are.same(t, {
				{ name = "one two", value = "1" };
				{ name = "two one&", value = "2" };
				["one two"] = "1";
				["two one&"] = "2";
			});
		end);
	end);

	describe("normalize_path", function ()
		it("root path is always '/'", function ()
			assert.equal("/", http.normalize_path("/"));
			assert.equal("/", http.normalize_path(""));
			assert.equal("/", http.normalize_path("/", true));
			assert.equal("/", http.normalize_path("", true));
		end);

		it("works", function ()
			assert.equal("/foo", http.normalize_path("foo"));
			assert.equal("/foo", http.normalize_path("/foo"));
			assert.equal("/foo", http.normalize_path("foo/"));
			assert.equal("/foo", http.normalize_path("/foo/"));
		end);

		it("is_dir works", function ()
			assert.equal("/foo/", http.normalize_path("foo", true));
			assert.equal("/foo/", http.normalize_path("/foo", true));
			assert.equal("/foo/", http.normalize_path("foo/", true));
			assert.equal("/foo/", http.normalize_path("/foo/", true));
		end);
	end);

	describe("contains_token", function ()
		it("is present in field", function ()
			assert.is_true(http.contains_token("foo", "foo"));
			assert.is_true(http.contains_token("foo, bar", "foo"));
			assert.is_true(http.contains_token("foo,bar", "foo"));
			assert.is_true(http.contains_token("bar,  foo,baz", "foo"));
		end);

		it("is absent from field", function ()
			assert.is_false(http.contains_token("bar", "foo"));
			assert.is_false(http.contains_token("fooo", "foo"));
			assert.is_false(http.contains_token("foo o,bar", "foo"));
		end);

		it("is weird", function ()
			assert.is_(http.contains_token("fo o", "foo"));
		end);
	end);
end);