2022-12-31 10:22:38 +01:00
|
|
|
package tests
|
|
|
|
|
|
|
|
import (
|
2024-01-02 09:48:34 +01:00
|
|
|
"net/http"
|
2023-10-24 09:27:34 +02:00
|
|
|
"testing"
|
|
|
|
|
2022-12-31 10:22:38 +01:00
|
|
|
"github.com/google/uuid"
|
2024-01-02 09:48:34 +01:00
|
|
|
"github.com/stretchr/testify/require"
|
2023-01-30 19:59:42 +01:00
|
|
|
"github.com/twofas/2fas-server/tests"
|
2024-01-02 09:48:34 +01:00
|
|
|
"golang.org/x/sync/errgroup"
|
2022-12-31 10:22:38 +01:00
|
|
|
)
|
|
|
|
|
|
|
|
func Test_MobileApiBandwidthAbuse(t *testing.T) {
|
|
|
|
someId := uuid.New()
|
|
|
|
|
2024-01-02 09:48:34 +01:00
|
|
|
noOfRequest := 130
|
|
|
|
noOfWorkers := 20
|
|
|
|
responseCh := make(chan int, noOfRequest)
|
|
|
|
|
|
|
|
eg := errgroup.Group{}
|
|
|
|
eg.SetLimit(noOfWorkers)
|
|
|
|
for i := 0; i < noOfRequest; i++ {
|
|
|
|
eg.Go(func() error {
|
|
|
|
resp := tests.DoAPIGet(t, "/mobile/devices/"+someId.String()+"/browser_extensions", nil)
|
|
|
|
|
|
|
|
responseCh <- resp.StatusCode
|
|
|
|
|
|
|
|
return nil
|
|
|
|
})
|
|
|
|
}
|
|
|
|
require.NoError(t, eg.Wait())
|
|
|
|
close(responseCh)
|
|
|
|
|
|
|
|
var got404, got429 int
|
|
|
|
for code := range responseCh {
|
|
|
|
switch code {
|
|
|
|
case http.StatusNotFound:
|
|
|
|
got404++
|
|
|
|
case http.StatusTooManyRequests:
|
|
|
|
got429++
|
|
|
|
default:
|
|
|
|
t.Fatalf("Unexpected code: %v", code)
|
|
|
|
}
|
2022-12-31 10:22:38 +01:00
|
|
|
}
|
2024-01-02 09:48:34 +01:00
|
|
|
// Default rate limit is 100 per minute.
|
|
|
|
// So we expect around 100 - 404, and around 30 - 429
|
|
|
|
require.InDelta(t, 100, got404, 2.0)
|
|
|
|
require.InDelta(t, 30, got429, 2.0)
|
2022-12-31 10:22:38 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
func Test_BrowserExtensionApiBandwidthAbuse(t *testing.T) {
|
|
|
|
someId := uuid.New()
|
|
|
|
|
2024-01-02 09:48:34 +01:00
|
|
|
noOfRequest := 130
|
|
|
|
noOfWorkers := 20
|
|
|
|
responseCh := make(chan int, noOfRequest)
|
|
|
|
|
|
|
|
eg := errgroup.Group{}
|
|
|
|
eg.SetLimit(noOfWorkers)
|
|
|
|
for i := 0; i < noOfRequest; i++ {
|
|
|
|
eg.Go(func() error {
|
|
|
|
resp := tests.DoAPIGet(t, "/browser_extensions/"+someId.String(), nil)
|
|
|
|
|
|
|
|
responseCh <- resp.StatusCode
|
|
|
|
|
|
|
|
return nil
|
|
|
|
})
|
|
|
|
}
|
|
|
|
require.NoError(t, eg.Wait())
|
|
|
|
close(responseCh)
|
|
|
|
|
|
|
|
var got404, got429 int
|
|
|
|
for code := range responseCh {
|
|
|
|
switch code {
|
|
|
|
case http.StatusNotFound:
|
|
|
|
got404++
|
|
|
|
case http.StatusTooManyRequests:
|
|
|
|
got429++
|
|
|
|
default:
|
|
|
|
t.Fatalf("Unexpected code: %v", code)
|
|
|
|
}
|
2022-12-31 10:22:38 +01:00
|
|
|
}
|
2024-01-02 09:48:34 +01:00
|
|
|
// Default rate limit is 100 per minute.
|
|
|
|
// So we expect around 100 - 404, and around 30 - 429
|
|
|
|
require.InDelta(t, 100, got404, 2.0)
|
|
|
|
require.InDelta(t, 30, got429, 2.0)
|
2022-12-31 10:22:38 +01:00
|
|
|
}
|