2017-11-19 20:34:55 +00:00
|
|
|
<?php
|
|
|
|
|
2020-06-24 04:59:37 +00:00
|
|
|
namespace Tests\Unit\Http\Middleware\Api;
|
2017-11-19 20:34:55 +00:00
|
|
|
|
2018-01-14 18:06:15 +00:00
|
|
|
use Pterodactyl\Models\ApiKey;
|
2017-11-19 20:34:55 +00:00
|
|
|
use Tests\Unit\Http\Middleware\MiddlewareTestCase;
|
2018-02-25 21:34:01 +00:00
|
|
|
use Pterodactyl\Http\Middleware\Api\AuthenticateIPAccess;
|
2020-06-24 04:59:37 +00:00
|
|
|
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
|
2017-11-19 20:34:55 +00:00
|
|
|
|
|
|
|
class AuthenticateIPAccessTest extends MiddlewareTestCase
|
|
|
|
{
|
|
|
|
/**
|
|
|
|
* Test middleware when there are no IP restrictions.
|
|
|
|
*/
|
|
|
|
public function testWithNoIPRestrictions()
|
|
|
|
{
|
2018-01-14 18:06:15 +00:00
|
|
|
$model = factory(ApiKey::class)->make(['allowed_ips' => []]);
|
2017-11-19 20:34:55 +00:00
|
|
|
$this->setRequestAttribute('api_key', $model);
|
|
|
|
|
|
|
|
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Test middleware works correctly when a valid IP accesses
|
|
|
|
* and there is an IP restriction.
|
|
|
|
*/
|
|
|
|
public function testWithValidIP()
|
|
|
|
{
|
2020-11-11 04:13:55 +00:00
|
|
|
$model = factory(ApiKey::class)->make(['allowed_ips' => ['127.0.0.1']]);
|
2017-11-19 20:34:55 +00:00
|
|
|
$this->setRequestAttribute('api_key', $model);
|
|
|
|
|
|
|
|
$this->request->shouldReceive('ip')->withNoArgs()->once()->andReturn('127.0.0.1');
|
|
|
|
|
|
|
|
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Test that a CIDR range can be used.
|
|
|
|
*/
|
2018-05-13 15:05:52 +00:00
|
|
|
public function testValidIPAgainstCIDRRange()
|
2017-11-19 20:34:55 +00:00
|
|
|
{
|
2020-11-11 04:13:55 +00:00
|
|
|
$model = factory(ApiKey::class)->make(['allowed_ips' => ['192.168.1.1/28']]);
|
2017-11-19 20:34:55 +00:00
|
|
|
$this->setRequestAttribute('api_key', $model);
|
|
|
|
|
|
|
|
$this->request->shouldReceive('ip')->withNoArgs()->once()->andReturn('192.168.1.15');
|
|
|
|
|
|
|
|
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Test that an exception is thrown when an invalid IP address
|
|
|
|
* tries to connect and there is an IP restriction.
|
|
|
|
*/
|
|
|
|
public function testWithInvalidIP()
|
|
|
|
{
|
2020-06-24 04:59:37 +00:00
|
|
|
$this->expectException(AccessDeniedHttpException::class);
|
|
|
|
|
2020-11-11 04:13:55 +00:00
|
|
|
$model = factory(ApiKey::class)->make(['allowed_ips' => ['127.0.0.1']]);
|
2017-11-19 20:34:55 +00:00
|
|
|
$this->setRequestAttribute('api_key', $model);
|
|
|
|
|
2018-03-01 05:39:59 +00:00
|
|
|
$this->request->shouldReceive('ip')->withNoArgs()->twice()->andReturn('127.0.0.2');
|
2017-11-19 20:34:55 +00:00
|
|
|
|
|
|
|
$this->getMiddleware()->handle($this->request, $this->getClosureAssertions());
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Return an instance of the middleware to be used when testing.
|
|
|
|
*
|
2018-02-25 21:34:01 +00:00
|
|
|
* @return \Pterodactyl\Http\Middleware\Api\AuthenticateIPAccess
|
2017-11-19 20:34:55 +00:00
|
|
|
*/
|
|
|
|
private function getMiddleware(): AuthenticateIPAccess
|
|
|
|
{
|
|
|
|
return new AuthenticateIPAccess();
|
|
|
|
}
|
|
|
|
}
|