From f03c8a85443b6429d18d717bb232278f19a397e3 Mon Sep 17 00:00:00 2001 From: Fabian Topfstedt Date: Thu, 6 Dec 2018 09:08:25 +0100 Subject: [PATCH] testing that a secure cookie gets set when being in ssl mode Signed-off-by: Fabian Topfstedt --- .../nginx/lua/test/balancer/sticky_test.lua | 29 +++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/rootfs/etc/nginx/lua/test/balancer/sticky_test.lua b/rootfs/etc/nginx/lua/test/balancer/sticky_test.lua index 478e431b8..d1dc96939 100644 --- a/rootfs/etc/nginx/lua/test/balancer/sticky_test.lua +++ b/rootfs/etc/nginx/lua/test/balancer/sticky_test.lua @@ -136,6 +136,35 @@ describe("Sticky", function() assert.has_no.errors(function() sticky_balancer_instance:balance() end) assert.spy(s).was_called() end) + + it("sets a secure cookie on the client when being in ssl mode", function() + ngx.var.https = "on" + local s = {} + cookie.new = function(self) + local test_backend_hash_fn = test_backend.sessionAffinityConfig.cookieSessionAffinity.hash + local cookie_instance = { + set = function(self, payload) + assert.equal(payload.key, test_backend.sessionAffinityConfig.cookieSessionAffinity.name) + local expected_len = #util[test_backend_hash_fn .. "_digest"]("anything") + assert.equal(#payload.value, expected_len) + assert.equal(payload.path, ngx.var.location_path) + assert.equal(payload.domain, ngx.var.host) + assert.equal(payload.httponly, true) + assert.equal(payload.secure, true) + return true, nil + end, + get = function(k) return false end, + } + s = spy.on(cookie_instance, "set") + return cookie_instance, false + end + local b = get_test_backend() + b.sessionAffinityConfig.cookieSessionAffinity.locations = {} + b.sessionAffinityConfig.cookieSessionAffinity.locations["test.com"] = {"/"} + local sticky_balancer_instance = sticky:new(b) + assert.has_no.errors(function() sticky_balancer_instance:balance() end) + assert.spy(s).was_called() + end) end) context("when client doesn't have a cookie set and location not in cookie_locations", function()