def test_send_request_body_and_query(mocker, model): class MockResponse: text = "text" reason = "reason" status_code = 200 mocker.patch.object(requests, "request", return_value=MockResponse()) uri = "/poorly/designed/endpoint" method = "GET" endpoint = Fuzzer.get_endpoints(model["endpoints"], uri)[0] domain_obj = [m for m in model["domains"] if m["name"] == "local"][0] res = request.send_request( domain_obj, endpoint["uri"], method, timeout=0.1, body_obj=endpoint["input"]["body"], query_obj=endpoint["input"]["query"], ) assert (res.body == endpoint["input"]["body"] ), "expected response to contain request body" assert res.url == request.get_encoded_url( domain_obj, endpoint["uri"], endpoint["input"]["query"], ), "expected response to contain url-encoded query"
def test_send_request(mocker, model): expected_text = "text" expected_error = None expected_httpcode = 200 class MockResponse: text = expected_text reason = "reason" status_code = expected_httpcode expected_res = MockResponse() mocker.patch.object(requests, "request", return_value=expected_res) uri = "/json" method = "GET" endpoint = Fuzzer.get_endpoints(model["endpoints"], uri)[0] domain_obj = [m for m in model["domains"] if m["name"] == "local"][0] res = request.send_request( domain_obj, endpoint["uri"], method, body_obj=endpoint["input"]["body"], ) assert res.status_code == expected_httpcode assert res.response_text == expected_text assert res.error == expected_error assert res.response == expected_res assert res.delay is 0 assert res.method == method assert res.headers is None
def test_send_request_summary_size(model): method = "GET" uri = "/poorly/designed/endpoint" endpoint = Fuzzer.get_endpoints(model["endpoints"], uri, methods=[method])[0] headers = endpoint["headers"] body = endpoint["input"]["body"] query = endpoint["input"]["query"] domain_obj = [m for m in model["domains"] if m["name"] == "example"][0] summary = request.send_request( domain_obj, uri, method, headers_obj=headers, body_obj=body, query_obj=query, ) expected_url_size = 63 assert len(summary.url) == expected_url_size expected_body_size = 35 assert len(json.dumps(summary.body)) == expected_body_size expected_header_size = 58 assert request.get_header_size_in_bytes( summary.headers) == expected_header_size expected_size = expected_url_size + expected_body_size + expected_header_size assert summary.size == expected_size, f"should have size {expected_size}"
def send_payload(self, payload, method, timeout, delay=0): """ Send the payload :param payload: a mutated payload :param method: request method :param timeout: amount of seconds (float) that the request api will wait for the first byte of a response :param delay: delay in seconds before the payload is sent :return: Summary object """ return request.send_request( self.get_domain_spec(), payload["uri"], method, timeout, delay, payload["headers"], payload["body"], payload["query"], )
def test_send_request_timeout(mocker, model): expected_reason = "I timed out" mocker.patch.object( requests, "request", side_effect=requests.exceptions.Timeout(expected_reason)) uri = "/sleepabit" method = "GET" endpoint = Fuzzer.get_endpoints(model["endpoints"], uri)[0] domain_obj = [m for m in model["domains"] if m["name"] == "local"][0] res = request.send_request( domain_obj, endpoint["uri"], method, timeout=0.1, query_obj=endpoint["input"]["query"], ) assert expected_reason in res.error
def test_delay_request(model): endpoint = Fuzzer.get_endpoints(model["endpoints"], "/delayabit")[0] request_delay = request.get_request_delay(endpoint["requestsPerSecond"]) now = time.time() domain_obj = [m for m in model["domains"] if m["name"] == "local"][0] response = request.send_request(domain_obj, endpoint["uri"], "GET", delay=request_delay) request_time = time.time() - now expected_delay = 0.4 assert (expected_delay == response.delay ), "Delay should be represented in the response object" tolerance = 0.005 assert round(request_time - expected_delay, 3) >= round( response.time - tolerance, 3 ), ("Request time should be equal to the time between building the request to receiving" " the response, minus the delay time +/- " + str(tolerance), ) assert round(request_time - expected_delay, 3) <= round( response.time + tolerance, 3 ), ("Request time should be equal to the time between building the request to receiving" " the response, minus the delay time +/- " + str(tolerance), )