Charon/tests/security-enforcement/auth-api-enforcement.spec.ts
akanealw eec8c28fb3
changed perms
2026-04-22 18:19:14 +00:00

40 lines
1.2 KiB
TypeScript
Executable File

import { test, expect, request as playwrightRequest } from '@playwright/test';
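// Instance under test. Falls back to the local default when
// PLAYWRIGHT_BASE_URL is unset or empty.
const BASE_URL = process.env.PLAYWRIGHT_BASE_URL || 'http://localhost:8080';

// Type of the standalone request context, derived from the factory that is
// already imported. Replaces the former `any`, so a misspelled method or a
// wrong option in these security checks is a compile error rather than a
// test that quietly exercises nothing.
type UnauthContext = Awaited<ReturnType<typeof playwrightRequest.newContext>>;

/**
 * Contract tests for authentication enforcement on the HTTP API.
 *
 * Every request is sent through a context created with no cookies, no origin
 * storage and no extra headers, so a 401 here shows that the route is denied
 * by default rather than let through by a leftover session.
 */
test.describe('Security Enforcement API', () => {
  // Assigned in beforeAll; the tests below only run after that hook succeeds.
  let unauthContext: UnauthContext;

  test.beforeAll(async () => {
    unauthContext = await playwrightRequest.newContext({
      baseURL: BASE_URL,
      // Explicitly empty state: no stored cookie or origin data may
      // authenticate these requests.
      storageState: { cookies: [], origins: [] },
      // No default headers, so no Authorization header is attached implicitly.
      extraHTTPHeaders: {},
    });
  });

  test.afterAll(async () => {
    // Optional call: beforeAll may have failed before the context existed.
    await unauthContext?.dispose();
  });

  test('should reject request with missing bearer token (401)', async () => {
    const response = await unauthContext.get('/api/v1/proxy-hosts');

    expect(response.status()).toBe(401);

    // The rejection must be a JSON body carrying an `error` field;
    // response.json() itself fails the test if the body is not JSON.
    const data = await response.json();
    expect(data).toHaveProperty('error');
  });

  test('should reject request with invalid bearer token (401)', async () => {
    const response = await unauthContext.get('/api/v1/proxy-hosts', {
      headers: { Authorization: 'Bearer invalid.token.here' },
    });

    // NOTE(review): only the status is asserted for this case. If the API
    // returns the same JSON error envelope as for a missing token, asserting
    // it here as well would pin that contract — confirm against the backend.
    expect(response.status()).toBe(401);
  });

  test('health endpoint stays public', async () => {
    const response = await unauthContext.get('/api/v1/health');

    // Guards against the auth middleware being widened to cover the health
    // probe. NOTE(review): the status alone does not constrain what the body
    // discloses to unauthenticated callers — check the response contract.
    expect(response.status()).toBe(200);
  });
});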