MCPcopy
hub / github.com/nats-io/nats.go / TestWSWithTLS

Function TestWSWithTLS

test/ws_test.go:290–355  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

288}
289
290func TestWSWithTLS(t *testing.T) {
291 for _, test := range []struct {
292 name string
293 compression bool
294 }{
295 {"without compression", false},
296 {"with compression", true},
297 } {
298 t.Run(test.name, func(t *testing.T) {
299 sopts := testWSGetDefaultOptions(t, true)
300 sopts.Websocket.Compression = test.compression
301 s := RunServerWithOptions(sopts)
302 defer s.Shutdown()
303
304 var copts []nats.Option
305 if test.compression {
306 copts = append(copts, nats.Compression(true))
307 }
308
309 // Check that we fail to connect without proper TLS configuration.
310 nc, err := nats.Connect(fmt.Sprintf("ws://localhost:%d", sopts.Websocket.Port), copts...)
311 if err == nil {
312 if nc != nil {
313 nc.Close()
314 }
315 t.Fatal("Expected error, got none")
316 }
317
318 // Same but with wss protocol, which should translate to TLS, however,
319 // since we used self signed certificates, this should fail without
320 // asking to skip server cert verification.
321 nc, err = nats.Connect(fmt.Sprintf("wss://localhost:%d", sopts.Websocket.Port), copts...)
322 // Since Go 1.18, we had to regenerate certs to not have to use GODEBUG="x509sha1=1"
323 // But on macOS, with our test CA certs, no SCTs included, it will fail
324 // for the reason "x509: “localhost” certificate is not standards compliant"
325 // instead of "unknown authority".
326 if err == nil || (!strings.Contains(err.Error(), "authority") && !strings.Contains(err.Error(), "compliant")) {
327 if nc != nil {
328 nc.Close()
329 }
330 t.Fatalf("Expected error about unknown authority: %v", err)
331 }
332
333 // Skip server verification and we should be good.
334 copts = append(copts, nats.Secure(&tls.Config{InsecureSkipVerify: true}))
335 nc, err = nats.Connect(fmt.Sprintf("wss://localhost:%d", sopts.Websocket.Port), copts...)
336 if err != nil {
337 t.Fatalf("Error on connect: %v", err)
338 }
339 defer nc.Close()
340
341 sub, err := nc.SubscribeSync("foo")
342 if err != nil {
343 t.Fatalf("Error on subscribe: %v", err)
344 }
345 if err := nc.Publish("foo", []byte("hello")); err != nil {
346 t.Fatalf("Error on publish: %v", err)
347 }

Callers

nothing calls this directly

Calls 9

testWSGetDefaultOptionsFunction · 0.85
ConnectMethod · 0.80
FatalfMethod · 0.80
NextMsgMethod · 0.80
RunServerWithOptionsFunction · 0.70
ErrorMethod · 0.65
SubscribeSyncMethod · 0.65
PublishMethod · 0.65
CloseMethod · 0.45

Tested by

no test coverage detected