def test_send_delayed_request_global(config, override_requests_per_second, uri,
expected_requests_per_second, msg):
fuzzer = Fuzzer(
config_obj=config,
domain=domain,
global_timeout=True,
timeout=0.1,
uri=uri,
methods=["GET"],
)
if override_requests_per_second > 0:
fuzzer.model_obj["requestsPerSecond"] = override_requests_per_second
summaries = fuzzer.fuzz_requests_by_incremental_state(1)
expected_delay = request.get_request_delay(expected_requests_per_second)
assert summaries[0].delay == expected_delay, msg
def test_send_delayed_request_local(config):
fuzzer = Fuzzer(
config_obj=config,
domain=domain,
global_timeout=True,
timeout=0.1,
uri="/delayabit",
methods=["GET"],
)
summaries = fuzzer.fuzz_requests_by_incremental_state(1)
expected_requests_per_second = 2.5
expected_delay = request.get_request_delay(expected_requests_per_second)
assert (
summaries[0].delay == expected_delay
), f"local request rate defined in endpoint should have delay of {expected_delay}"
def test_delay_request(model):
endpoint = Fuzzer.get_endpoints(model["endpoints"], "/delayabit")[0]
request_delay = request.get_request_delay(endpoint["requestsPerSecond"])
now = time.time()
domain_obj = [m for m in model["domains"] if m["name"] == "local"][0]
response = request.send_request(domain_obj,
endpoint["uri"],
"GET",
delay=request_delay)
request_time = time.time() - now
expected_delay = 0.4
assert (expected_delay == response.delay
), "Delay should be represented in the response object"
tolerance = 0.005
assert round(request_time - expected_delay, 3) >= round(
response.time - tolerance, 3
), ("Request time should be equal to the time between building the request to receiving"
" the response, minus the delay time +/- " + str(tolerance), )
assert round(request_time - expected_delay, 3) <= round(
response.time + tolerance, 3
), ("Request time should be equal to the time between building the request to receiving"
" the response, minus the delay time +/- " + str(tolerance), )
def test_get_request_delay():
requests_per_second = 0.5
actual_request_delay = request.get_request_delay(requests_per_second)
expected_request_delay = 2
assert expected_request_delay == actual_request_delay, "Request delay is incorrect"
def iterate_endpoints(self):
"""
Send a newly mutated payload for each uri/method permutation. Logs information for each request.
:return: dict containing number of iterations (values) for each uri (keys)
"""
results = []
for endpoint_obj in Fuzzer.get_endpoints(self.model_obj["endpoints"],
self.uri):
my_timeout = self.timeout
if not self.global_timeout:
my_timeout = endpoint_obj.get("timeout", my_timeout)
requests_per_second = endpoint_obj.get(
"requestsPerSecond", self.model_obj.get("requestsPerSecond"))
request_delay = request.get_request_delay(requests_per_second)
my_methods = list(
set(endpoint_obj.get("methods",
self.methods)).intersection(self.methods))
my_methods = [my_methods] if isinstance(my_methods,
str) else my_methods
for method in my_methods:
if method not in endpoint_obj.get("methods", request.METHODS):
break
injected_endpoint_obj = Fuzzer.inject_constants(
endpoint_obj, self.constants)
mutated_payload = self.mutate_payload(injected_endpoint_obj)
result = self.send_payload(mutated_payload, method, my_timeout,
request_delay)
results.append(result)
summary = "state={0} method={1} uri={2}".format(
result.headers["X-fuzzeREST-State"],
method,
endpoint_obj["uri"],
)
summary += f" code={result.status_code}"
summary += f' error="{result.error}"'
expectations_obj = self.get_expectations(endpoint_obj)
if Fuzzer.evaluate_expectations(expectations_obj,
result) is False:
self.config.root_logger.warning(summary)
self.config.root_logger.debug(str(result))
# reset the counted slack errors every hour
if self.last_hour != localtime().tm_hour:
self.slack_errors = 0
self.last_hour = localtime().tm_hour
# print the error to slack if it does not exceed the throttle
if self.slack_errors < self.config.slack_errors_per_hour:
self._send_slack_message(summary)
self.slack_errors += 1
else:
self.config.root_logger.info(summary)
self.config.root_logger.log(self.config.trace_log_level,
str(result))
if (time() - self.last_slack_status_update >
self.config.slack_status_update_interval_seconds):
self._send_slack_message("current state is " +
str(self.state))
self.last_slack_status_update = time()
self.config.root_logger.log(
self.config.trace_log_level,
"payload: " + json.dumps(mutated_payload),
)
if my_timeout is not None:
self.config.root_logger.log(
self.config.trace_log_level,
"timeout=%ss delay=%ss",
my_timeout,
request_delay,
)
else:
self.config.root_logger.log(
self.config.trace_log_level,
"delay=%ss",
request_delay,
)
return results