Rocket/core/lib/tests/cookies-private.rs
Sergio Benitez c337f75f32 Fix 'get_pending()' docs, functionality.
The `get_pending()` method now properly decrypts private cookies that were
present in the jar originally.

Resolves #2591.
2023-08-10 16:22:28 -04:00

114 lines
3.5 KiB
Rust

#![cfg(feature = "secrets")]
#![deny(warnings)]
use rocket::http::{Cookie, CookieJar, SameSite};
use rocket::{get, post, routes};
#[post("/")]
fn cookie_add_private(jar: &CookieJar<'_>) {
let mut cookie_a = Cookie::new("a", "v1");
jar.add(cookie_a.clone());
let mut cookie_b = Cookie::new("b", "v2");
jar.add_private(cookie_b.clone());
jar.add(Cookie::new("c", "v3"));
// private: CookieJar::set_defaults(&mut cookie_a);
cookie_a.set_path("/");
cookie_a.set_same_site(SameSite::Strict);
assert_eq!(jar.get_pending(cookie_a.name()), Some(cookie_a));
// private: CookieJar::set_private_defaults(&mut cookie_b);
cookie_b.set_path("/");
cookie_b.set_same_site(SameSite::Strict);
cookie_b.set_http_only(true);
let expires = time::OffsetDateTime::now_utc() + time::Duration::weeks(1);
cookie_b.set_expires(expires);
let mut cookie_b_pending = jar
.get_pending(cookie_b.name())
.expect("cookie_b_pending None");
cookie_b_pending.set_expires(expires);
assert_eq!(cookie_b_pending, cookie_b);
}
#[get("/")]
fn cookie_get_private(jar: &CookieJar<'_>) -> String {
let (a, b, c) = (jar.get("a"), jar.get_private("b"), jar.get("c"));
assert_ne!(a, b.as_ref());
assert_ne!(a, c);
assert_ne!(b.as_ref(), c);
assert_eq!(b, jar.get_pending("b"));
format!(
"{}{}{}",
a.unwrap().value(),
b.unwrap().value(),
c.unwrap().value()
)
}
/// For test if we got really a private cookie
#[get("/oh-no")]
fn cookie_get(jar: &CookieJar<'_>) -> String {
let (a, b, c) = (jar.get("a"), jar.get("b"), jar.get("c"));
assert_eq!(b.cloned(), jar.get_pending("b"));
format!(
"{}{}{}",
a.unwrap().value(),
b.unwrap().value(),
c.unwrap().value()
)
}
#[cfg(test)]
mod cookies_private_tests {
use super::*;
use rocket::local::blocking::Client;
use rocket::{Build, Rocket};
fn rocket() -> Rocket<Build> {
rocket::build()
.mount("/", routes![cookie_add_private, cookie_get, cookie_get_private])
}
#[test]
fn test_cookie_add_private() {
let client = Client::debug(rocket()).unwrap();
let response = client.post("/").dispatch();
let cookies = response.cookies();
assert_eq!(cookies.iter().count(), 3);
assert_eq!(cookies.get("a").unwrap().value(), "v1");
assert_eq!(cookies.get_private("b").unwrap().value(), "v2");
assert_eq!(cookies.get_pending("b").unwrap().value(), "v2");
assert_ne!(cookies.get("b").unwrap().value(), "v2");
assert_eq!(cookies.get("c").unwrap().value(), "v3");
}
#[test]
fn test_cookie_get_private() {
let client = Client::debug(rocket()).unwrap();
let response = client
.get("/")
.cookie(Cookie::new("a", "Cookie"))
.private_cookie(Cookie::new("b", " tastes "))
.cookie(Cookie::new("c", "good!"))
.dispatch();
assert_eq!(response.into_string().unwrap(), "Cookie tastes good!");
}
/// Test if we got really a private cookie
#[test]
fn test_cookie_get_ohno() {
let client = Client::debug(rocket()).unwrap();
let response = client
.get("/oh-no")
.cookie(Cookie::new("a", "Cookie"))
.private_cookie(Cookie::new("b", " tastes "))
.cookie(Cookie::new("c", "good!"))
.dispatch();
assert_ne!(response.into_string().unwrap(), "Cookie tastes good!");
}
}