Files
promptfoo--promptfoo/test/providers/http-certificate-content.test.ts
wehub-resource-sync 0d3cb498a3
CI / Shell Format Check (push) Has been cancelled
CI / Check Ruby (3.4) (push) Has been cancelled
CI / CI Config (push) Has been cancelled
CI / Test on Node ${{ matrix.node }} and ${{ matrix.os }}${{ matrix.shard && format(' (shard {0}/3)', matrix.shard) || '' }} (push) Has been cancelled
CI / Build on Node ${{ matrix.node }} (push) Has been cancelled
CI / Style Check (push) Has been cancelled
CI / Generate Assets (push) Has been cancelled
CI / Check Python (3.14) (push) Has been cancelled
CI / Check Python (3.9) (push) Has been cancelled
CI / Build Docs (push) Has been cancelled
CI / Code Scan Action (push) Has been cancelled
CI / Site tests (push) Has been cancelled
CI / webui tests (push) Has been cancelled
CI / Run Integration Tests (push) Has been cancelled
CI / Run Smoke Tests (push) Has been cancelled
CI / Go Tests (push) Has been cancelled
CI / Share Test (push) Has been cancelled
CI / Redteam (Production API) (push) Has been cancelled
CI / Redteam (Staging API) (push) Has been cancelled
CI / GitHub Actions Lint (push) Has been cancelled
CI / Check Ruby (3.0) (push) Has been cancelled
release-please / release-please (push) Has been cancelled
release-please / build (push) Has been cancelled
release-please / publish-npm (push) Has been cancelled
release-please / publish-npm-backfill (push) Has been cancelled
release-please / docker (push) Has been cancelled
release-please / publish-code-scan-action (push) Has been cancelled
release-please / attest-code-scan-action (push) Has been cancelled
Deploy local.promptfoo.app / Deploy to Cloudflare Pages (push) Has been cancelled
Test and Publish Multi-arch Docker Image / test (push) Has been cancelled
Test and Publish Multi-arch Docker Image / build-docker-and-push-digests (map[digest-suffix:linux-amd64 platform:linux/amd64 runner:ubuntu-latest]) (push) Has been cancelled
Test and Publish Multi-arch Docker Image / build-docker-and-push-digests (map[digest-suffix:linux-arm64 platform:linux/arm64 runner:ubuntu-24.04-arm]) (push) Has been cancelled
Test and Publish Multi-arch Docker Image / merge-docker-digests (push) Has been cancelled
Test and Publish Multi-arch Docker Image / Attest Multi-arch Image (push) Has been cancelled
Validate Renovate Config / Validate Renovate Configuration (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 13:24:08 +08:00

129 lines
4.7 KiB
TypeScript

import { describe, expect, it, vi } from 'vitest';
import { HttpProviderConfigSchema } from '../../src/providers/http';
// Mock fs to prevent actual file system access during tests
vi.mock('fs');
// Mock crypto to prevent actual signature generation in tests
vi.mock('crypto');
describe('Http Provider Certificate Content Support', () => {
describe('generateSignature with certificate content', () => {
it('should validate PEM certificates with inline content', () => {
const privateKey = '-----BEGIN PRIVATE KEY-----\nMIIEvQ...\n-----END PRIVATE KEY-----';
const signatureAuth = {
type: 'pem' as const,
privateKey,
signatureDataTemplate: '{{signatureTimestamp}}',
signatureAlgorithm: 'SHA256',
signatureValidityMs: 300000,
};
// This should pass validation
expect(() => {
const result = HttpProviderConfigSchema.parse({ signatureAuth });
expect(result.signatureAuth).toBeDefined();
}).not.toThrow();
});
it('should validate JKS certificates with base64 content', () => {
const keystoreContent = 'UEsDBBQAAAAIAF1nYXRld2F5...'; // base64 encoded JKS
const signatureAuth = {
type: 'jks' as const,
keystoreContent,
keystorePassword: 'password',
signatureDataTemplate: '{{signatureTimestamp}}',
signatureAlgorithm: 'SHA256',
signatureValidityMs: 300000,
};
// This should pass validation
expect(() => {
const result = HttpProviderConfigSchema.parse({ signatureAuth });
expect(result.signatureAuth).toBeDefined();
}).not.toThrow();
expect(signatureAuth.keystoreContent).toBeDefined();
});
it('should validate PFX certificates with base64 content', () => {
const pfxContent = 'MIIKXAIBAzCCChgGCSqGSIb3...'; // base64 encoded PFX
const signatureAuth = {
type: 'pfx' as const,
pfxContent,
pfxPassword: 'password',
signatureDataTemplate: '{{signatureTimestamp}}',
signatureAlgorithm: 'SHA256',
signatureValidityMs: 300000,
};
// This should pass validation
expect(() => {
const result = HttpProviderConfigSchema.parse({ signatureAuth });
expect(result.signatureAuth).toBeDefined();
}).not.toThrow();
expect(signatureAuth.pfxContent).toBeDefined();
});
it('should validate separate certificate and key content', () => {
const certContent = 'LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0t...'; // base64 encoded cert
const keyContent = 'LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0t...'; // base64 encoded key
const signatureAuth = {
type: 'pfx' as const,
certContent,
keyContent,
signatureDataTemplate: '{{signatureTimestamp}}',
signatureAlgorithm: 'SHA256',
signatureValidityMs: 300000,
};
// This should pass validation
expect(() => {
const result = HttpProviderConfigSchema.parse({ signatureAuth });
expect(result.signatureAuth).toBeDefined();
}).not.toThrow();
expect(signatureAuth.certContent).toBeDefined();
expect(signatureAuth.keyContent).toBeDefined();
});
it('should accept configurations that fall back to legacy schema', () => {
const signatureAuth = {
type: 'jks' as const,
keystorePassword: 'password',
// Neither keystorePath nor keystoreContent provided - falls back to legacy
signatureDataTemplate: '{{signatureTimestamp}}',
signatureAlgorithm: 'SHA256',
signatureValidityMs: 300000,
};
// This should pass because it falls back to legacy schema for backward compatibility
expect(() => {
const result = HttpProviderConfigSchema.parse({ signatureAuth });
// The type field gets stripped by legacy schema
expect(result.signatureAuth).toBeDefined();
expect((result.signatureAuth as any).keystorePassword).toBe('password');
}).not.toThrow();
});
it('should accept PFX configurations that fall back to legacy schema', () => {
const signatureAuth = {
type: 'pfx' as const,
pfxPassword: 'password',
// No certificate data provided - falls back to legacy schema
signatureDataTemplate: '{{signatureTimestamp}}',
signatureAlgorithm: 'SHA256',
signatureValidityMs: 300000,
};
// This should pass because it falls back to legacy schema for backward compatibility
expect(() => {
const result = HttpProviderConfigSchema.parse({ signatureAuth });
// The type field gets stripped by legacy schema
expect(result.signatureAuth).toBeDefined();
expect((result.signatureAuth as any).pfxPassword).toBe('password');
}).not.toThrow();
});
});
});