xaizek / rocketgit (License: AGPLv3+) (since 2018-12-09)
Light and fast Git hosting solution suitable to serve both as a hub or as a personal code storage with its tickets, pull requests, API and much more.
<root> / tests / http_api.php (e7317c195d60a453187973bafe27c6048fc9cf70) (3,440B) (mode 100644) [raw]
<?php
error_reporting(E_ALL | E_STRICT);
ini_set('track_errors', 'On');

$rg_cache_debug = TRUE;
$test_normal = TRUE;

$INC = dirname(__FILE__) . '/../inc';
require_once(dirname(__FILE__) . '/config.php');
require_once($INC . '/init.inc.php');
require_once($INC . '/util.inc.php');
require_once('helpers.inc.php');
require_once('http.inc.php');

rg_log_set_file('http_api.log');

require_once('common.php');

$_testns = 'http_api';

prepare_http();

rg_test_create_user($db, $u);
rg_test_create_repo_no_dir($db, $u, $repo);

$r = test_login($test_url, $u);
if ($r === FALSE)
	exit(1);

rg_test_upload_ssh_key($db, $u, 'http_api', $kn);

rg_log('');
rg_log_enter('Loading api keys form...');
$url = '/op/settings/apikeys/add';
$headers = array();
$data = array();
$r = do_req($test_url . $url, $data, $headers);
if ($r === FALSE) {
	rg_log('Cannot load form.');
	exit(1);
}
$token = @$r['tokens']['ak_add'];
if (empty($token)) {
	rg_log_ml('r: ' . print_r($r, TRUE));
	rg_log('Seems I cannot load the token!');
	exit(1);
}
$key = $r['inputs']['ak::key'];
rg_log_exit();


rg_log('');
rg_log_enter('Posting api keys add form (token=' . $token . ')...');
$data = array('doit' => 1, 'token' => $token,
	'ak::name' => 'ak<xss>', 'ak::key' => $key);
$r = do_req($test_url . $url, $data, $headers);
if ($r === FALSE) {
	rg_log('Cannot post request.');
	exit(1);
}
$sql = 'SELECT * FROM apikeys WHERE uid = ' . $u['uid'];
$res = rg_sql_query($db, $sql);
$row = rg_sql_fetch_array($res);
rg_sql_free_result($res);
if (strcmp($row['key'], $key) != 0) {
	rg_log('The key not found in the database (db=' . $row['key']
		. '; post=' . $key . ')!');
	exit(1);
}
rg_log_exit();


// TODO: what happens if the CT is not json?
// sh = Standard Headers
$sh = array('Content-Type: application/json');

$url = '/op/api';


rg_log('');
rg_log_enter('Calling API: user_info (without authorization)...');
$headers = $sh;
$a = array('cmd' => 'user_info', 'user' => $u['username']);
$data = json_encode($a);
$r = do_req($test_url . $url, $data, $headers);
if (@strcmp($r['json']['error'], 'invalid user or apikey') != 0) {
	rg_log('Cannot call api.');
	exit(1);
}
rg_log_exit();


// From now on, we only try with the key...
$sh[] = 'Authorization: ' . $u['username'] . ' ' . $key;


rg_log('');
rg_log_enter('Calling API: invalid command...');
$headers = $sh;
$a = array('cmd' => 'invalid command');
$data = json_encode($a);
$r = do_req($test_url . $url, $data, $headers);
if (@strcmp($r['json']['error'], 'invalid command') != 0) {
	rg_log('Cannot call api.');
	exit(1);
}
rg_log_exit();


rg_log('');
rg_log_enter('Calling API: user_info (with authorization)...');
$headers = $sh;
$a = array('cmd' => 'user_info', 'user' => $u['username']);
$data = json_encode($a);
$r = do_req($test_url . $url, $data, $headers);
if (@strcmp($r['json']['email'], $u['email']) != 0) {
	rg_log('E-mail ot returned for user_info?!');
	exit(1);
}
rg_log_exit();


rg_log('');
rg_log_enter('Calling API: user_ssh_key_list (uid instead or user)...');
$headers = $sh;
$a = array('cmd' => 'user_ssh_keys_list', 'uid' => $u['uid'], 'opaque' => 'abc');
$data = json_encode($a);
$r = do_req($test_url . $url, $data, $headers);
if (!isset($r['json']['list'][0]['last_use'])) {
	rg_log('NO last_use field for the first key!');
	exit(1);
}
if (@strcmp($r['json']['opaque'], 'abc') != 0) {
	rg_log('Opaque value is missing/wrong!');
	exit(1);
}
rg_log_exit();


rg_prof_log();
rg_log('OK!');

Hints

Before first commit, do not forget to setup your git environment:
git config --global user.name "your_name_here"
git config --global user.email "your@email_here"

Clone this repository using HTTP(S):
git clone https://code.reversed.top/user/xaizek/rocketgit

Clone this repository using ssh (do not forget to upload a key first):
git clone ssh://rocketgit@code.reversed.top/user/xaizek/rocketgit

You are allowed to anonymously push to this repository.
This means that your pushed commits will automatically be transformed into a pull request:
... clone the repository ...
... make some changes and some commits ...
git push origin master